Differential D12539

Klipper: Do not insert secret data into history
ClosedPublic
Actions

Authored by hoffmannrobert on Apr 26 2018, 10:41 AM.

Details

Reviewers
davidedmundson
Commits
R120:6f9721765017: Klipper: Do not insert secret data into history
R120:637cd0bf62e4: Klipper: Do not insert secret data into history
Summary

Password manager tools like Keepassx offer an option to clear
the clipboard/selection after some time, e.g. 10 seconds,
after the password was copied to the clipboard. This works fine,
but unfortunately the password isn't removed from Klipper's
history. This is a great security risk, which may make the use
of password managers impossible.

This patch changes Klipper::applyClipChanges(const QMimeData* clipData)
where clipboard data is inserted into history. If the data has an
additional mime type 'x-kde-passwordManagerHint', it is not inserted
into history.

For this to work as designed, password managers should add the
additional mime type 'x-kde-passwordManagerHint' to the mimeData
like following when copying a password to the clipboard:

QMimeData* mimeDataClipboard = new QMimeData();
const QString secretStr = "secret";
QByteArray secretBa = secretStr.toUtf8();
mimeDataClipboard->setText(password);  // this is the password to copy
mimeDataClipboard->setData("x-kde-passwordManagerHint", secretBa);
clipboard->setMimeData(mimeDataClipboard, QClipboard::Clipboard);

if (clipboard->supportsSelection()) {
    // we cannot use the same QMimeData, it's already owned by clipboard
    QMimeData* mimeDataSelection = new QMimeData();
    mimeDataSelection->setText(password); // this is the password to copy
    mimeDataSelection->setData("x-kde-passwordManagerHint", secretBa);
    clipboard->setMimeData(mimeDataSelection, QClipboard::Selection);
}

Diff Detail

Repository
R120 Plasma Workspace
Branch
master
Lint
No Linters Available
Unit
No Unit Test Coverage
Restricted Application added a project: Plasma. · View Herald TranscriptApr 26 2018, 10:41 AM
Restricted Application added a subscriber: plasma-devel. · View Herald Transcript
hoffmannrobert requested review of this revision.Apr 26 2018, 10:41 AM
hoffmannrobert edited the summary of this revision. (Show Details)Apr 26 2018, 10:42 AM
hoffmannrobert edited the summary of this revision. (Show Details)Apr 26 2018, 10:48 AM
davidedmundson accepted this revision.Apr 26 2018, 10:48 AM
davidedmundson added a subscriber: davidedmundson.

Beautiful!
Do you have commit access?

This revision is now accepted and ready to land.Apr 26 2018, 10:48 AM
davidedmundson added a comment.Apr 26 2018, 10:52 AM

Can you link to the relevant Keepassx patch when you make it so I can help follow up there.

graesslin added a subscriber: graesslin.Apr 26 2018, 3:22 PM

And it's probably something we also want to add to KWallet and maybe every password field we have.

broulik added a subscriber: broulik.Apr 26 2018, 3:26 PM

And it's probably something we also want to add to KWallet and maybe every password field we have.

Since when can you Copy from password fields?

graesslin added a comment.Apr 27 2018, 7:18 PM
In D12539#254330, @broulik wrote:

And it's probably something we also want to add to KWallet and maybe every password field we have.

Since when can you Copy from password fields?

I just locked my screen on X11 (I need the wacom), enabled echo mode, copied the content of the password field, unlocked and pasted and yes it worked.

dvratil added a subscriber: dvratil.May 1 2018, 8:06 PM
Closed by commit R120:637cd0bf62e4: Klipper: Do not insert secret data into history (authored by hoffmannrobert, committed by davidedmundson). · Explain WhyMay 16 2018, 10:19 AM
This revision was automatically updated to reflect the committed changes.
davidedmundson added a comment.May 16 2018, 10:20 AM

I was kinda hoping to see your keepassx patch merged before we did this in case of any changes, but given we have 5.13 beta soon, I've merged as-is

Revision Contents
Changeset List

PathPackages
Mklipper/klipper.cpp (4 lines)

Diff 33138

View Options

klipper/klipper.cpp

Loading...